Challenges and Solutions of Threat and Vulnerability Sharing in 2015

Overcoming the challenges that information sharing presents will require greater collaboration across the financial industry and a focus on combined efforts rather than individual protection

The concept of threat and vulnerability sharing is not new. The practice has been around for decades now, taking on various forms. But, the cyber-attacks on JPMorgan Chase and several other financial institutions this past year have caused a major push for improved bank security in 2015.

Information sharing programs should reach across sectors to increase accessibility and enhance the conversation between different companies about emerging cybersecurity threats and enhancements. When an embarrassing breach occurs, the last thing a bank wants to do is share the details and seem vulnerable to their competitors, but this will in the end help prevent further attacks across the entire financial sector.

Although more banks are starting to share cybersecurity threats with peer institutions, several challenges still remain as a roadblock to adopting as a best practice. Institutions need to take initiative and get involved with information sharing programs such as Soltra Edge,and FS-ISAC, a financial services information sharing organization sponsored by the federal government. Banks should continue to donate towards and involve themselves with these types of initiatives in order to be proactive about their data safety in the future.

Data collaboration has evolved over time from loose relationships to more formal methods of communications between humans and machine-assisted system updates. New efforts are changing operations, especially in the automation and reporting process, becoming more machine centric. Much like the IPS movement a decade ago took the alerts from the IDS systems and acted on them, this will allow large organizations to recognize threats rapidly. Tools lend to quicker detection allowing banks to combine efforts and identify single actors that are affecting several different financial institutions. By shifting their security vision to be incorporative of the entire ecosystem, banks will see their competitors as peers and work collaboratively to eliminate cyber attacks as a whole. As offensive tools are used, this type of coordination can help minimize their useful life span from hours and days, to seconds.

Many people have raised questions surrounding government regulation and whether or not officials are doing enough to protect banks in the coming year. Although Congress has had failed attempts at passing legislation that would encourage information sharing among banks in the past, financial institutions need to be less reliant on the Fed and more reliant on themselves for security. When government regulates or legislates technical solutions it can dampen innovation in establishing new ways to handle problems directly and even create unintended consequences. At the same time, too many companies are keeping details of breaches to themselves, making these attacks effective for a longer span of time. Fortunately more and more banks are seeing the value of information, and offering up threat and vulnerability experiences more willingly. Industry and government can foster this by supporting information release and helping set up trusted forums.

In 2015, we should see a surge in new cooperative efforts among concerned companies and government organizations in sharing details and acting to put an end to some of the more persistent problems in cybersecurity today. In many cases, the same malicious malware is being used to attack different institutions across all sectors, and sharing this information could help protect an extremely wide scope of companies. The vision for cybersecurity in 2015 for the financial sector should be collaborative and proactive. The financial industry should embrace and adopt information sharing practices in the future and take control over threat actors. This will lead to less devastating breaches and cyber attacks. With continued support, similar collaborative efforts will utilize information sharing and help level the cyber playing field.

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.